{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T18:49:56.130","vulnerabilities":[{"cve":{"id":"CVE-2024-8881","sourceIdentifier":"security@zyxel.com.tw","published":"2024-11-12T02:15:18.817","lastModified":"2024-11-14T13:51:11.257","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48 switch firmware version V2.80(AAHN.1)C0 and earlier could allow an authenticated, LAN-based attacker with administrator privileges to execute some operating system (OS) commands on an affected device by sending a crafted HTTP request."},{"lang":"es","value":"Una vulnerabilidad de inyección de comandos posterior a la autenticación en el programa CGI en el firmware del conmutador Zyxel GS1900-48 versión V2.80(AAHN.1)C0 y anteriores podría permitir que un atacante autenticado basado en LAN con privilegios de administrador ejecute algunos comandos del sistema operativo (OS) en un dispositivo afectado mediante el envío de una solicitud HTTP manipulada."}],"metrics":{"cvssMetricV31":[{"source":"security@zyxel.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}]},"weaknesses":[{"source":"security@zyxel.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-8_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahh.0\\)c0","matchCriteriaId":"FDB5D07E-AAA1-439D-BC5F-CE005D328FF6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-8:-:*:*:*:*:*:*:*","matchCriteriaId":"51D33F50-B5A4-4AEF-972C-7FF089C21D52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-8hp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahi.0\\)c0","matchCriteriaId":"7C325177-8525-4E2F-9B81-EBA020E33619"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-8hp:-:*:*:*:*:*:*:*","matchCriteriaId":"27602862-EFB7-402B-994E-254A0B210820"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-10hp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aazi.0\\)c0","matchCriteriaId":"ECA64741-0758-4745-AC9A-961B6B01EA20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-10hp:-:*:*:*:*:*:*:*","matchCriteriaId":"89201505-07AF-4F9C-9304-46F2707DB9B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-16_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahj.0\\)c0","matchCriteriaId":"808A3620-BCAA-4D27-898F-66A3115BC9BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-16:-:*:*:*:*:*:*:*","matchCriteriaId":"5078F7A5-D03B-4D3A-9C19-57DFF4D6BF7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-24_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahl.0\\)c0","matchCriteriaId":"8B91466E-3D14-4D3F-BAC8-A2AD013E4A1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-24:-:*:*:*:*:*:*:*","matchCriteriaId":"F4F55299-70D5-4CE1-A1EC-D79B469B94F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-24e_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahk.0\\)c0","matchCriteriaId":"C670835A-A0FB-422B-8F42-8722A46E4A5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-24e:-:*:*:*:*:*:*:*","matchCriteriaId":"A6456AD6-8A1D-4D3D-AC1A-ABE442242B1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-24ep_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(abto.0\\)c0","matchCriteriaId":"A390C08B-2771-4C10-B25D-07F51A4D931A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-24ep:-:*:*:*:*:*:*:*","matchCriteriaId":"B22AA8B1-11E2-408F-A1F6-0F8AF32AB131"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-24hpv2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(abtp.0\\)c0","matchCriteriaId":"DC00E9BF-64D5-409A-BE15-B9A01EA1C257"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-24hpv2:-:*:*:*:*:*:*:*","matchCriteriaId":"512D9A91-8DA7-47F1-AC77-AF743F99BFF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-48_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(aahn.0\\)c0","matchCriteriaId":"631DAB84-4EF2-482E-A9D2-DAA39278B259"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-48:-:*:*:*:*:*:*:*","matchCriteriaId":"CFB7D4BF-7D17-48D3-990D-4BADAC8BD868"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gs1900-48hpv2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.90\\(abtq.0\\)c0","matchCriteriaId":"61819161-7A19-4438-8343-7936DE1D237C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gs1900-48hpv2:-:*:*:*:*:*:*:*","matchCriteriaId":"BC74C679-6D22-47E4-AE8A-2647B1AA4276"}]}]}],"references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-and-buffer-overflow-vulnerabilities-in-gs1900-series-switches-11-12-2024","source":"security@zyxel.com.tw","tags":["Vendor Advisory"]}]}}]}